Professional Documents
Culture Documents
05 DEV421 DesigningAppsforMultipleUsers Slides
05 DEV421 DesigningAppsforMultipleUsers Slides
05 DEV421 DesigningAppsforMultipleUsers Slides
Multiple Users
Force.com
www.salesforce.com/training
Copyright 2010 salesforce.com, inc.
This document contains proprietary information of salesforce.com, inc., it is provided under a license
agreement containing restrictions on use, duplication and disclosure and is also protected by copyright
law. Permission is granted to customers of salesforce.com, inc. to use and modify this document for their
internal business purposes only. Resale of this document or its contents is prohibited.
The information in this document is subject to change without notice. Should you find any problems or
errors, please log a case from the Support link on the Salesforce home page. Salesforce.com, inc. does
not warrant that this document is error- free.
"Salesforce.com" and the "no software" logo are registered trademarks of salesforce.com, inc. Other
names used may be marks of their respective owners.
Copyright 2010 salesforce.com, inc. All rights reserved. 1 Designing Applications for Multiple Users
Safe Harbor Statement
This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions.
If any such uncertainties materialize or if any of the assumptions prove incorrect, the results of
salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking
statements we make. All statements other than statements of historical fact could be deemed forward-
lookingg statements, including:
g anyypprojections
j of earnings,
g revenues, or other financial items; anyy statements
regarding strategies or plans of management for future operations; any statements concerning new, planned,
or upgraded services or developments; statements about current or future economic conditions; and any
statements of belief.
The risks and uncertainties referred to above include but are not limited to risks associated with our new
business model; our past operating losses; possible fluctuations in our operating results and rate of growth;
interruptions or delays in our Web hosting; breach of our security measures; the immature market in which
we operate; our relatively limited operating history; our ability to expand, retain, and motivate our employees
and manage our growth; risks associated with new releases es of our service; and risks associated with selling
to larger enterprise customers. Further information on potential factors that could affectct the financial results
LY
of salesforce.com, inc. are included in our registration statement (on Form S-1) and in other filings with the
S iti and
Securities d Exchange
E h C i i
Commission. Th
These d
documents t are available
il bl on th
the SEC Fili
Filings
ngs sec tion off th
section the
salesforce.com website.
Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.
N
Any unreleased services or features referenced in this or other press releases
leases or public statements are not
O
currently available and may not be delivered on time or at all. Customers who purchase our services should
make the purchase decisions based upon features
ures that are currently available.
SE
Copyright 2010 salesforce.com, inc. 3
U
AL
N
Course Objectives
R
Copyright 2010 salesforce.com, inc. All rights reserved. 2 Designing Applications for Multiple Users
Course Agenda
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 5
U
AL
N
Assumptions
R
Copyright 2010 salesforce.com, inc. All rights reserved. 3 Designing Applications for Multiple Users
Module 1: Design
Considerations:
Accommodating g
Multiple Users in
Your App
LY
N
www.salesforce.com/training
Copyright 2010 salesforce.com, inc.
O
Various trademarks held by their respective owners.
SE
7
U
AL
N
Module Objectives
R
Copyright 2010 salesforce.com, inc. All rights reserved. 4 Designing Applications for Multiple Users
Module Agenda
Things to Consider
Business Requirements for the Recruiting App
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 9
U
AL
N
Copyright 2010 salesforce.com, inc. All rights reserved. 5 Designing Applications for Multiple Users
Module Agenda
Things to Consider
Business Requirements for the Recruiting App
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 11
U
AL
N
Positi
Po
Positions
ti Candidates/Job
ndidat /J
/Job Apps Reviews
IN
R, C, E R, C, E R, C, E
Recruiter
Re uite
Hiring
g Mgr
g
Copyright 2010 salesforce.com, inc. All rights reserved. 6 Designing Applications for Multiple Users
Module Review
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 13
U
AL
N
Module 2:
R
Managing Your
TE
U Experience
Users Exp
IN
www.salesforce.com/training
Copyright 2010 salesforce.com, inc.
Various trademarks held by their respective owners.
14
Copyright 2010 salesforce.com, inc. All rights reserved. 7 Designing Applications for Multiple Users
Module Objectives
LY
Create a record type to filter picklist values.
Create a record type and page layout to alter the user
N
experience.
Employ field-level security to lock down access to field data.
O
SE
Copyright 2010 salesforce.com, inc. 15
U
AL
N
Module Agenda
R
Licenses
TE
Overview of Profiles
Profiles and Permissions
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 8 Designing Applications for Multiple Users
License Types
Salesforce Platform D
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 17
U
AL
N
Module Agenda
R
Licenses
TE
Overview of Profiles
Profiles and Permissions
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 9 Designing Applications for Multiple Users
What is a Profile?
LY
Administrative Object CRUD Record Types
Typ
Permissions
Standard/Custom Login Hours and IP Tabs
N
Object CRUD Ranges
Applications
Applicati
O
SE
Copyright 2010 salesforce.com, inc. 19
U
AL
N
Tab settings determine which tabs users see when they log in.
TE
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 10 Designing Applications for Multiple Users
What Do Profiles Control? (cont.)
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 21
U
AL
N
Copyright 2010 salesforce.com, inc. All rights reserved. 11 Designing Applications for Multiple Users
Module Agenda
Licenses
Overview of Profiles
Profiles and Permissions
Profiles and Access to Data
Profiles and the User Interface
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 23
U
AL
N
Copyright 2010 salesforce.com, inc. All rights reserved. 12 Designing Applications for Multiple Users
A Few Permissions to Note
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 25
U
AL
N
Object Permissions
R
have access.
IN
Lacking the "Read" permission for an object means that users will not
be able to access it at all.
No access in the application or API
No access on reports
No access through search
Copyright 2010 salesforce.com, inc. All rights reserved. 13 Designing Applications for Multiple Users
Exercise 2-1: Creating Custom Profiles
Goal:
5 min.
Create a new profile for recruiters.
Scenario:
At Universal Containers, recruiters need to be able to create,
view, and modify any position, candidate, job application, or
review that is in the system.
To comply with state and federal public records laws, all
recruitment-related info must be saved for several years.
Consequently, recruiters should NOT have the ability to delete
LY
anyy records in the Recruiting
g Application.
pp
Tasks:
Create a custom recruiter profile to accomplish these
N
requirements.
O
Assign a user to this new profile. SE
Copyright 2010 salesforce.com, inc. 27
U
AL
N
Goal:
TE
10 min.
Create new custom profiles.
Scenario:
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 14 Designing Applications for Multiple Users
Module Agenda
Licenses
Overview of Profiles
Profiles and Permissions
Profiles and Access to Data
Profiles and the User Interface
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 29
U
AL
N
Copyright 2010 salesforce.com, inc. All rights reserved. 15 Designing Applications for Multiple Users
Exercise 2-3: Restricting Access Using Field-Level
Security
Goal:
5 min.
Use field-level security to restrict access to compensation
information.
Scenario:
Universal Containers (UC) wants to completely lock down edit
access to compensation information for hiring managers
through all ways a user could access the Recruiting
application.
Task:
LY
Use field-level security to make the Min Pay and Max Pay
fields on the Position object read-only for hiring managers.
N
O
SE
Copyright 2010 salesforce.com, inc. 31
U
AL
Security
R
Goal:
TE
5 min.
Use field-level security to restrict users access to fields.
Scenario:
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 16 Designing Applications for Multiple Users
Module Agenda
Licenses
Overview of Profiles
Profiles and Permissions
Profiles and Access to Data
Profiles and the User Interface
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 33
U
AL
N
Record Types
R
business needs.
Note: Record ttypes
yp only y affect the wayy that data is displayed
p y in the
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 17 Designing Applications for Multiple Users
Record Types (cont.)
LY
The record types
yp available in the p
picklist
icklist are determined b
byy the user
profile.
Edit Profile | Record Type Settings
N
O
SE
Copyright 2010 salesforce.com, inc. 35
U
AL
N
Goal:
TE
10 min.
Create a custom record type tthat limits the picklist choices
available to hiring managers.
IN
Scenario:
Technical hiring managers can open new positions, but they
should only open positions in IT and Engineering departments.
When creating a technical position, hiring managers should
have access only to the IT and Engineering values. When
creating a non-technical position, hiring managers should have
access to the other department values. Recruiters should be
p
able to see and use all department values.
Tasks:
Create a Technical Position record type.
Repeat the process, creating a Non-technical Position record
type.
Copyright 2010 salesforce.com, inc. All rights reserved. 18 Designing Applications for Multiple Users
What Does a Page Layout Control?
LY
N t M
Note: t bli h
May establish
unique layouts for
different business
N
scenarios
O
SE
Copyright 2010 salesforce.com, inc. 37
U
AL
N
Goal:
TE
15 min.
Create a new page layout to reflect differences between
technical and non-technical positions.
IN
Scenario:
When creating new positions, technical hiring managers need
to specify technical criteria desired for their candidates, such
as programming language or operating system. Recruiters
need to be able to create all kinds of positions.
Tasks:
Create fields for Operating
p g Systems
y and Programming
g g
Languages.
Create a new page layout for technical positions. On the new
page layout, show the Operating System and Programming
Language fields in a separate section.
Copyright 2010 salesforce.com, inc. All rights reserved. 19 Designing Applications for Multiple Users
Exercise 2-7: Creating Page Layouts and Record
Types
Goal:
10 min.
Create page layouts and record types for approved positions.
Scenario:
Universal Containers would like to implement an approval
process for each position. This process will route positions to
the approvers specified on the position. Once the position has
been approved, the approvers no longer need to be listed on
the position.
Tasks:
LY
Create new page layouts for approved technical positions and
approved non-technical positions.
N
Create new record types for approved technical positions and
O
approved non-technical positions.
SE
Copyright 2010 salesforce.com, inc. 39
U
AL
N
Module Review
R
Copyright 2010 salesforce.com, inc. All rights reserved. 20 Designing Applications for Multiple Users
Module Review (cont.)
LY
P
Page l t ?
layouts?
N
O
SE
Copyright 2010 salesforce.com, inc. 41
U
AL
N
Module 3:
R
Controlling Access
TE
to Records
IN
www.salesforce.com/training
Copyright 2010 salesforce.com, inc.
Various trademarks held by their respective owners.
42
Copyright 2010 salesforce.com, inc. All rights reserved. 21 Designing Applications for Multiple Users
Module Objectives
LY
Manually share records.
N
O
SE
Copyright 2010 salesforce.com, inc. 43
U
AL
N
Module Agenda
R
Record Ownership
Organization
Organization-Wide Defaults
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 22 Designing Applications for Multiple Users
Record Access
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 45
U
AL
N
View
Full Access
Edit
IN
Transfer Ownership
Transfer ownership
Delete
Delete
Share Read/Write
Share
Edit
Read/Write privileges: Read
View Only
Edit View
Read-only privileges:
View
Copyright 2010 salesforce.com, inc. All rights reserved. 23 Designing Applications for Multiple Users
Ways to Obtain Access to a Record
LY
Object permission: View All
N
O
SE
Copyright 2010 salesforce.com, inc. 47
U
AL
N
So, a users profile might specify that a user can see candidates, but the
sharing model determines which candidates that user can see.
The sharing model might determine that a user can see Joe Schmoe, but
the profile specifies which fields that user can view and edit.
Copyright 2010 salesforce.com, inc. All rights reserved. 24 Designing Applications for Multiple Users
Module Agenda
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 49
U
AL
N
Record Ownership
R
TE
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 25 Designing Applications for Multiple Users
Custom Object Queues
LY
A b off a queue has
Any member h ththe same access tto allll record
d iin th
records thee
queue that an owner would have.
N
O
SE
Copyright 2010 salesforce.com, inc. 51
U
AL
N
Goal:
TE
5 min.
Create a custom queue for the Recruiting department to hold
p
position and candidate records.
IN
Scenario:
Universal Containers wants to use the queue feature to
manage the pool of recruiters working with open positions and
candidates.
Task:
Create a q
queue for p
positions and candidates.
Copyright 2010 salesforce.com, inc. All rights reserved. 26 Designing Applications for Multiple Users
Module Agenda
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 53
U
AL
N
Copyright 2010 salesforce.com, inc. All rights reserved. 27 Designing Applications for Multiple Users
Determining How to Set OWD for an Object
Questions to ask:
1. Who is the most restricted user of this
j
object?
2. Is there ever going to be an instance
of this object that this user shouldnt
be allowed to see?
3. Is there ever going to be an instance
of this object that this user shouldnt
be allowed to edit?
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 55
U
AL
N
Copyright 2010 salesforce.com, inc. All rights reserved. 28 Designing Applications for Multiple Users
Exercise 3-2: Setting Organization-Wide Defaults
Goal:
5 min.
Use organization-wide defaults (OWD) to restrict edit
p
permissions for p
position data.
Scenario:
At Universal Containers, standard users (who are not
recruiters), hiring managers, or interviewers are only allowed to
view position data. There will never be any position that a
standard user is not permitted to see.
Standard users are not ever allowed to edit any position
LY
d
records.
Tasks:
N
Change the organization-wide default setting for Positions.
O
SE
Copyright 2010 salesforce.com, inc. 57
U
AL
N
Goal:
TE
5 min.
Establish appropriate organization-wide defaults for
Applications,
Candidates, Job A pp and Reviews.
IN
Scenario:
Interviewers are only permitted to see candidate and job
application records to which theyve been assigned as
interviewers.
Interviewers should only be permitted to view, create, and
modify their own reviews.
Tasks:
Update organization-wide defaults for Candidates and Job
Applications.
Copyright 2010 salesforce.com, inc. All rights reserved. 29 Designing Applications for Multiple Users
Review
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 59
U
AL
N
Module Agenda
R
Record Ownership
Organization Wide Defaults
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 30 Designing Applications for Multiple Users
Universal Containers Scenario
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 61
U
AL
N
A Role:
TE
Copyright 2010 salesforce.com, inc. All rights reserved. 31 Designing Applications for Multiple Users
Role Hierarchy Considerations
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 63
U
AL
N
Knowledge Check
R
TE
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 32 Designing Applications for Multiple Users
Exercise 3-4: Implementing a Role Hierarchy
Goal:
5 min.
Complete the role hierarchy by adding a role for product
g
managers.
Scenario:
Universal Containers has added a new role called Product
Manager and would like the hierarchy to reflect the addition.
Tasks:
Add a new Product Manager role.
LY
Assign users to the new role
role.
Log in as a Product Manager and as the Director of Product
N
Management to test the changes to the hierarchy.
O
SE
Copyright 2010 salesforce.com, inc. 65
U
AL
N
Public Groups
R
Every organization has a default public group that includes all users, or
if portals or sites are used, includes all internal users.
Copyright 2010 salesforce.com, inc. All rights reserved. 33 Designing Applications for Multiple Users
Public Groups (cont.)
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 67
U
AL
N
Goal:
TE
5 min.
Create a new public group including all interviewers.
Scenario:
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 34 Designing Applications for Multiple Users
Module Agenda
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 69
U
AL
N
Megan Smiths team cannot see any reviews owned by Andrew Goldbergs
team.
Ben Stuart cannot see reviews written by QA or Product Management.
Melissa Lee cannot see records for candidates she needs to interview.
Copyright 2010 salesforce.com, inc. All rights reserved. 35 Designing Applications for Multiple Users
Sharing Rules and Manual Sharing
Sharing Rules:
Automatic exceptions to organization-wide defaults for particular
groups
g p of users
Used to open up access to records
Never permitted to be more strict than organization-wide default
settings
Manual Sharing:
Used to open up access to a specific record
LY
owners anyone above owners in the role hierarchy
Granted by owners, hierarchy, and
System Administrators
N
O
SE
Copyright 2010 salesforce.com, inc. 71
U
AL
N
Goal:
TE
10 min.
Allow recruiters, recruiting managers, and the VP of Human
recruiting
Resources to view all elements of the recruitin gpprocess.
IN
Scenario:
Recruiters and their management should be able to read and
update every position, candidate, job application, and review
record in the application.
Tasks:
Create sharingg rules to g
give recruiters access to p
positions,
candidates, job applications, and reviews.
Copyright 2010 salesforce.com, inc. All rights reserved. 36 Designing Applications for Multiple Users
Exercise 3-7: Implementing Manual Sharing
Goal:
5 min.
Add manual sharing for various users to grant access on
records where theyy are invested in the information.
Scenario:
Establish manual sharing at Universal Containers to
accomplish the remaining access levels:
Grant hiring managers read and update access on positions
and candidates where they are the hiring manager.
LY
Grant interviewers read access on jjob application
pplication and
candidate records for people they are interviewing.
Tasks:
N
Update manual sharing on a position record.
O
SE
Copyright 2010 salesforce.com, inc. 73
U
AL
N
Administrator
Owner
Custom Object Sharing Rule
Establishing Apex sharing reasons allows developers to define the
reason that a user or group of users might have access to a record.
Copyright 2010 salesforce.com, inc. All rights reserved. 37 Designing Applications for Multiple Users
Apex Sharing Reasons (cont.)
The Apex sharing reasons describe why users can access a record.
Examples might be:
Open
p Position ((users have access to a p
position record because that
position is currently open).
Hiring Manager (users might have access to a position because they
are the hiring manager on that position).
Apex sharing reasons are defined for custom objects only.
Apex sharing reasons are defined object by object.
LY
So, p
positions might
ght have different reasons than candidates.
N
O
SE
Copyright 2010 salesforce.com, inc. 75
U
AL
N
Goal:
TE
5 min.
Define the reasons that a record may be shared.
Scenario:
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 38 Designing Applications for Multiple Users
Sharing Records
Simple
Sharing Manual
Rules Sharing
LY
Automated Flexible
N
Apex
Sharing
O
SE
Copyright 2010 salesforce.com, inc. 77
U
AL
N
Permissions
TE
Organization-Wide Defaults
Read-Only
Read/Write
Roles
Above the owner?
Sharing
Sharing Rules
Manual Sharing
Copyright 2010 salesforce.com, inc. All rights reserved. 39 Designing Applications for Multiple Users
Module Review
LY
f t
feature h ld th
should thatt user choose?
h ?
N
O
SE
Copyright 2010 salesforce.com, inc. 79
U
AL
N
R
Module 4: Putting
TE
it All Together
IN
www.salesforce.com/training
Copyright 2010 salesforce.com, inc.
Various trademarks held by their respective owners.
80
Copyright 2010 salesforce.com, inc. All rights reserved. 40 Designing Applications for Multiple Users
Module Objectives
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 81
U
AL
N
Module Agenda
R
Copyright 2010 salesforce.com, inc. All rights reserved. 41 Designing Applications for Multiple Users
Exercise 4-1: Establishing Data Access
Goal:
20 min. Create a process by which position access is determined by the status of a position.
Scenario:
Universal
U i Containers
lC t i has d
h determined
t i d that
th t open positions
iti should
h ld be
b visible
i ibl tto allll
users, but closed positions should be visible to recruiters (and their management),
hiring managers, and approvers only. Only recruiters and their managers should be
able to add sharing to a position.
Tasks:
Answer the following questions, then update sharing accordingly:
What should the organization-wide default for positions be?
Who should own positions?
LY
Should Grant
Grant Access Using Hierarchies
Hierarchies be checked?
How will recruiters get access to closed positions? Open positions?
How will all users get access to open positions?
N
How will hiring managers get access to closed positions? Open positions?
O
How will approvers get access to closed positions? Open positions?
SE
Copyright 2010 salesforce.com, inc. 83
U
AL
N
Goal:
TE
20 min.
Ensure that the salary for any position is visible only to the
hiring
recruiter, the hirin g manager,
g and the hiring g managers
g boss.
IN
Scenario:
Universal Containers has decided that salary information for
any position should be visible only to the recruiter, the hiring
manager for that position, and the hiring managers boss. The
recruiter should control the salary data.
Tasks:
Determine how to store this information to meet the visibility
requirements outlined above.
Copyright 2010 salesforce.com, inc. All rights reserved. 42 Designing Applications for Multiple Users
Module Agenda
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 85
U
AL
N
Copyright 2010 salesforce.com, inc. All rights reserved. 43 Designing Applications for Multiple Users
Which Tool to Use? (cont.)
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 87
U
AL
N
Copyright 2010 salesforce.com, inc. All rights reserved. 44 Designing Applications for Multiple Users
Module Review
LY
N
O
SE
Copyright 2010 salesforce.com, inc. 89
U
AL
N
R
TE
IN
Copyright 2010 salesforce.com, inc. All rights reserved. 45 Designing Applications for Multiple Users